Hello,
the module in kamailio doesn't have an option for ca list. This should
be a configuration option for ldap server to know which trusted CA to
use. The ldap client library should have the option to set the
certificate and key.
Cheers,
Daniel
On 10/04/14 00:27, Slava Bendersky wrote:
Hello Everyone,
Tried look through documentation and couldn't find anything about it ?
Any suggestions ?
Slava.
------------------------------------------------------------------------
*From: *"Slava Bendersky" <volga...@networklab.ca>
*To: *sr-users@lists.sip-router.org
*Sent: *Monday, April 7, 2014 1:57:53 PM
*Subject: *[SR-Users] ldap SSL
Hello Everyone,
How I can specify ldap CA cert in ldap configuration ?
The directive ca_list bellow is ignored.
[07/Apr/2014:13:40:37 -0400] conn=20 op=-1 fd=70 closed - Peer does
not recognize and trust the CA that issued your certificate.
[07/Apr/2014:13:40:37 -0400] conn=22 op=-1 fd=64 closed - Encountered
end of file.
Current config
ldap_server_url = "ldaps://ds389.network.com:636"
ldap_bind_dn = "uid=adm,ou=People,dc=network,dc=com"
ldap_bind_password = "password"
authtype = simple
tls = on
ca_list = /etc/kamailio/cert/ca-cert_ldap.pem
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
